Access Control for an OpenGIS® Web Service based Spatial Data Infrastructure
is one of the relevant pre-conditions to provide high quality geographic information.
Basically, access to the services has to be protected by an appropriate Access Control System that
implements (at least) the following requirements:

It must be possible to declare access rights for particular data types of geographic
information objects. When protecting access to the Web Map Service (WMS), a data type can be
a layer, provided by the WMS. For a Web Feature Service (WFS) a data type can be a feature type.

It must be possible to declare access rights for particular instances of geographic information
objects. For protecting access to a WFS, this allows to associate access rights to
individual features or a group of features.

It must be possible to declare access rights for particular geographic areas (regions).
For protecting a WMS, this allows to restrict access for maps to particular areas of interest.
For protecting a WFS, this allows to minimize the area, for which
features can be requests, created, modified or deleted.

Requesting maps in a binary format (e.g. gif, jpeg, etc.) it must be possible to declare
access rights based on the resolution of the map.

It must be possible to declare access rights for requests, issued by clients with a
particular IP-address or computer name.

It must be possible to declare access rights for particular time windows.

It must be possible to combine different types of access rights and manage
access rights for roles.

These (and more) requirements are supported by the Geospatial eXtensible Access Control
Markup Language, short GeoXACML. It defines a geo-specific extension to the eXtensible Access Control
Markup Language, short XACML which is a standard from OASIS. More information on
GeoXACML can be obtained from the Homepage.

The establishment of Access Control requires Authentication. One interoperable solution to implement
Authentication that supports Single-Sign-On is based on on the Security Markup Language Standard by OASIS.